authorGarrett D'Amore <garrett@damore.org>2025-10-05 16:51:15 -0700
committerGarrett D'Amore <garrett@damore.org>2025-10-05 20:56:39 -0700
commit06d6d80f8c92ef1d3bd7c00c919e10a411183cb3 (patch)
treeedf8d4cff9b2f595ccd9e3cb4db3cf31eb13bc02 /src/supplemental/tls/tls_stream.c
parentd1bd64c8251171ac8e1d4e71ab8726c2a64fd55a (diff)
fixes #2173 New TLS cert API - replaces the properties for CN and ALTNAMES.
This will replace the NNG_OPT_TLS_PEER_ALTNAMES and NNG_OPT_TLS_PEER_CN properties, and gives a bit more access to the certificate, as well as direct access to the raw DER form, which should allow use in other APIs.
Diffstat (limited to 'src/supplemental/tls/tls_stream.c')
-rw-r--r--src/supplemental/tls/tls_stream.c22
1 files changed, 16 insertions, 6 deletions
diff --git a/src/supplemental/tls/tls_stream.c b/src/supplemental/tls/tls_stream.c
index 4a033887..d3dd9497 100644
--- a/src/supplemental/tls/tls_stream.c
+++ b/src/supplemental/tls/tls_stream.c
@@ -15,6 +15,7 @@
#include "../../core/nng_impl.h"
+#include "nng/nng.h"
#include "tls_common.h"
#include "tls_engine.h"
#include "tls_stream.h"
@@ -142,6 +143,7 @@ tls_stream_conn_cb(void *arg)
static nng_err tls_stream_get(
void *arg, const char *name, void *buf, size_t *szp, nni_type t);
+static nng_err tls_stream_peer_cert(void *arg, nng_tls_cert **);
int
nni_tls_stream_alloc(tls_stream **tsp, nng_tls_config *cfg, nng_aio *user_aio)
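Review bot: The new forward declaration of `tls_stream_peer_cert` leaves its second parameter unnamed, while the `tls_stream_get` prototype directly above it names every parameter. Naming it keeps the two declarations consistent and matches the definition added later in this file: `static nng_err tls_stream_peer_cert(void *arg, nng_tls_cert **certp);`.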
@@ -160,12 +162,13 @@ nni_tls_stream_alloc(tls_stream **tsp, nng_tls_config *cfg, nng_aio *user_aio)
ts->user_aio = user_aio;
// NB: free is exposed for benefit of dialer/listener
- ts->stream.s_free = nni_tls_stream_free;
- ts->stream.s_close = tls_stream_close;
- ts->stream.s_stop = tls_stream_stop;
- ts->stream.s_send = tls_stream_send;
- ts->stream.s_recv = tls_stream_recv;
- ts->stream.s_get = tls_stream_get;
+ ts->stream.s_free = nni_tls_stream_free;
+ ts->stream.s_close = tls_stream_close;
+ ts->stream.s_stop = tls_stream_stop;
+ ts->stream.s_send = tls_stream_send;
+ ts->stream.s_recv = tls_stream_recv;
+ ts->stream.s_get = tls_stream_get;
+ ts->stream.s_peer_cert = tls_stream_peer_cert;
nni_aio_init(&ts->conn_aio, tls_stream_conn_cb, ts);
@@ -200,6 +203,13 @@ tls_get_peer_cn(void *arg, void *buf, size_t *szp, nni_type t)
return (NNG_OK);
}
+static nng_err
+tls_stream_peer_cert(void *arg, nng_tls_cert **certp)
+{
+ tls_stream *ts = arg;
+ return (nni_tls_peer_cert(&ts->conn, certp));
+}
+
static const nni_option tls_stream_options[] = {
{
.o_name = NNG_OPT_TLS_VERIFIED,
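Review bot: `tls_stream_peer_cert` has no comment saying who owns the `nng_tls_cert` stored in `*certp` or whether that certificate has been verified, and both matter to callers moving off the old CN/ALTNAMES properties. If the configuration makes peer authentication optional or disables it, the peer's certificate can presumably be returned without its chain having been validated, so any identity decision based on its subject or alternative names should check `NNG_OPT_TLS_VERIFIED` first. I would add above the function: `// Returns the peer certificate in *certp; ownership passes to the caller (confirm). The certificate may be unverified: check NNG_OPT_TLS_VERIFIED before trusting its names.` The hunk also does not show whether `nni_tls_peer_cert` takes the connection lock or handles a connection whose handshake has not finished, which is worth confirming because the wrapper adds no guard of its own.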